[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user

To: undisclosed-recipients: ;
Subject: [tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 20 Nov 2019 21:16:09 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 20 Nov 2019 16:16:19 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#32558: clarify what happens to email when we retire a user
-----------------------------------------------------+--------------------
     Reporter:  anarcat                              |      Owner:  tpa
         Type:  task                                 |     Status:  new
     Priority:  Medium                               |  Milestone:
    Component:  Internal Services/Tor Sysadmin Team  |    Version:
     Severity:  Normal                               |   Keywords:
Actual Points:                                       |  Parent ID:  #32519
       Points:                                       |   Reviewer:
      Sponsor:                                       |
-----------------------------------------------------+--------------------
 As part of improving the offboarding process (#32519), we should
 especially look at how email works.

 Right now, when we [https://help.torproject.org/tsa/howto/retire-a-user/
 retire a user], their account is first "locked" which means their access
 to various services is disabled. But their email still works for 186 days
 (~6 months). After that date, in theory, their email aliases start
 completely dropping email (needs to be onfirmed).

 It's unclear if that's the right policy to follow. Some people feel that
 an email alias should stay around forever, as it is an inalienable human
 right.

 Others feel that certain administrative roles should be forwarded when a
 person leave. If, say, "Alice" (fictive name) was doing fundraising but
 was using `alice@xxxxxxxxxxxxxx` for that work. When they leave, should we
 forward `alice@` to `fundraising@xxxxxxxxxxxxxx`?

 But then what if Alice was using their work email for private
 correspondance either? Maybe the fundraising team shouldn't be able to see
 *those* communications.

 One proposal could be that the default policy is this:

  1. email @torproject.org is "function" email and is destined only for
 torproject.org related work
  2. when a person leave their position, that email gets deactivated after
 a 6 months delay
  3. in extreme cases, some forward may be *temporarily* enabled to reset
 accesses or re-establish contacts with a provider or third-party

 It is also possible that there could be *two* policies, one for TPI
 employees and one for other TPO people.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32558>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #30866 [Core Tor/Tor]: Teach config.c to work with options configured in other modules
Next by Author: [tor-bugs] #32564 [Core Tor/Tor]: Assertion pol->magic failed
Previous by thread: Re: [tor-bugs] #32557 [Core Tor/Tor]: TOR crashes when AvoidDiskWrites and/or DisableAllSwap defined in `torrc`
Next by thread: Re: [tor-bugs] #32558 [Internal Services/Tor Sysadmin Team]: clarify what happens to email when we retire a user
Index(es):
- Author
- Thread